d:\mfc\MezzoTool\Release\MezzoTool.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-16_4b823b2ff79877852aae895a67a2be86_icedid.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-04-16_4b823b2ff79877852aae895a67a2be86_icedid.exe
  Resource: win10v2004-20240412-en
General
- Target: 2024-04-16_4b823b2ff79877852aae895a67a2be86_icedid
- Size: 760KB
- MD5: 4b823b2ff79877852aae895a67a2be86
- SHA1: c5addcc7f96b3a0678ffde5b7814b293c01fc428
- SHA256: 50ca5be15b61df760318c7c014866a916392c84dc96bc57d6f4f836d0c240b05
- SHA512: 48c68c17f6821f99b340f93faabfe18149c8c43ab0e3dd2d9ef67a28d620c0d0098a377942477f6c19553358b40d6d07eedceb1c545319c56b4f263acc9517af
- SSDEEP: 12288:b/PnXcLGJJ93IXZHs8j2hnkRW6AQs9VOfPKLQvCA4aDRp4EQZ3lfjcA0EhVxPp26:bHnIGJJTTjCKLPA4OReEQZ31MEhhH
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-04-16_4b823b2ff79877852aae895a67a2be86_icedid
Files
- 2024-04-16_4b823b2ff79877852aae895a67a2be86_icedid.exe (windows:4 windows x86 arch:x86)
  3f5d69cdac57fd3b5afa5d1470372697
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\mfc\MezzoTool\Release\MezzoTool.pdb
Imports
kernel32
GetOEMCP
GetCurrentDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
RaiseException
HeapReAlloc
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
SetStdHandle
GetFileType
GetTimeFormatA
GetDateFormatA
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
InterlockedIncrement
TlsFree
LocalReAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFileTime
GetFileAttributesA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DeleteFileA
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
lstrcmpW
GlobalFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
FormatMessageA
LocalFree
SetEndOfFile
OutputDebugStringA
TlsAlloc
TlsGetValue
TlsSetValue
FindFirstFileA
GetFullPathNameA
FindClose
ReadFile
WriteFile
ClearCommBreak
ClearCommError
SetCommState
SetCommTimeouts
GetCommState
WritePrivateProfileStringA
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
GetVolumeInformationA
GetThreadLocale
GetCurrentProcess
CreateFileA
DeleteCriticalSection
PulseEvent
SetThreadPriority
TerminateThread
WaitForMultipleObjects
EnterCriticalSection
SetEvent
LeaveCriticalSection
CreateEventA
InitializeCriticalSection
ResetEvent
GetModuleFileNameA
VirtualAlloc
VirtualProtect
GetSystemInfo
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
SystemTimeToFileTime
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetTickCount
SetLastError
GetModuleHandleA
MulDiv
GetVersionExA
SetCurrentDirectoryA
CreateThread
SetErrorMode
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
ExitProcess
LoadLibraryA
CreateMutexA
GetCurrentThreadId
FreeLibrary
AllocConsole
GetStdHandle
FreeConsole
CloseHandle
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetFileSize
HeapSize
RemoveDirectoryA
user32
GetMenuStringA
TranslateAcceleratorA
SetRectEmpty
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassA
PostThreadMessageA
CharNextA
InvalidateRgn
GetNextDlgGroupItem
GetMenuCheckMarkDimensions
RegisterWindowMessageA
WinHelpA
GetClassLongA
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
PeekMessageA
TrackPopupMenuEx
TrackPopupMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetWindowPlacement
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemInt
GetDlgItem
CheckDlgButton
PostMessageA
ReleaseCapture
GetWindowThreadProcessId
SetCapture
GetCapture
GetAsyncKeyState
GetDoubleClickTime
WindowFromPoint
SetWindowsHookExA
CallNextHookEx
CopyAcceleratorTableA
MapVirtualKeyA
GetKeyNameTextA
SetPropA
GetPropA
RemovePropA
GetIconInfo
CopyImage
CreateWindowExA
RedrawWindow
ValidateRect
BeginPaint
EndPaint
SetWindowPos
SetMenu
CallWindowProcA
UnhookWindowsHookEx
LoadMenuA
SystemParametersInfoA
GetSubMenu
GetMenuItemInfoA
GetMenuState
GetMenuDefaultItem
DrawFocusRect
DrawEdge
FillRect
WindowFromDC
LoadBitmapA
OffsetRect
SetRect
IsRectEmpty
DrawStateA
LoadImageA
LoadIconA
DrawIconEx
GetWindowDC
EnableMenuItem
SendMessageTimeoutA
MessageBoxA
EnumWindows
SetWindowLongA
GetForegroundWindow
BringWindowToTop
GetWindowLongA
IsMenu
GetMessagePos
GetDesktopWindow
ScreenToClient
ClientToScreen
InflateRect
PtInRect
SetActiveWindow
GetActiveWindow
MapWindowPoints
SetTimer
IsWindowVisible
GetClassWord
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
GetDC
GetParent
InvalidateRect
ReleaseDC
ModifyMenuA
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
IntersectRect
EqualRect
CopyRect
ShowOwnedPopups
GetMessageA
TranslateMessage
PostQuitMessage
SetMenuItemBitmaps
CharUpperA
GetCursorPos
IsChild
GetFocus
KillTimer
GetMenu
DestroyMenu
IsWindow
GetSystemMetrics
GetWindow
UpdateWindow
GetWindowRect
IsIconic
GetSystemMenu
CheckMenuItem
DrawIcon
SetForegroundWindow
DestroyIcon
MessageBeep
GetKeyState
GetSysColor
SetCursor
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadCursorA
GetCaretPos
GetClientRect
EnableWindow
SendMessageA
DefWindowProcA
gdi32
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
GetTextAlign
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetMapMode
LineTo
GetRgnBox
SetTextAlign
MoveToEx
GetTextExtentPointA
GetCurrentPositionEx
DeleteObject
CreateBitmap
SelectObject
IntersectClipRect
SetMapMode
RestoreDC
SaveDC
SetTextColor
GetClipBox
SelectClipRgn
SetWindowOrgEx
PtVisible
GetTextMetricsA
DPtoLP
TextOutA
SetBkColor
DeleteDC
SetPixel
BitBlt
RoundRect
Rectangle
GetNearestColor
GetDeviceCaps
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreateSolidBrush
UnrealizeObject
GetTextColor
GetBkColor
GetObjectA
CreateFontIndirectA
ExtCreatePen
CreatePen
GetPixel
SetBkMode
SetBrushOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
CreatePatternBrush
GetTextExtentPoint32A
GetStockObject
Escape
ExtTextOutA
RectVisible
GetCurrentObject
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
comctl32
ord17
ImageList_GetIconSize
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 544KB - Virtual size: 543KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
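The three header-level facts in this report (the File Characteristics flags under Headers, the per-section flags under Sections, and the "Unsigned PE" signature, which fires when the security data directory holds no Authenticode certificate) all come straight out of the PE headers. The following is an added example, not part of the sandbox report or of the sample: a small PE32 header parser that reproduces those checks, run against a minimal PE32 image constructed inline whose header values (characteristics 0x0103, the four section names and flags, approximate section sizes) are chosen to mirror the report. The optional "signature" it appends is a placeholder WIN_CERTIFICATE blob that exercises only the presence check; it is not a valid PKCS#7 signature.

```python
"""Added worked example (not from the sandbox report): decode PE32 File
Characteristics, section flags and Authenticode presence from raw bytes."""
import struct

# IMAGE_FILE_HEADER.Characteristics bits (PE/COFF specification).
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SECTION_HEADER.Characteristics bits.
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def flag_names(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe32(data):
    """Return flags, sections and Authenticode presence for a PE32 image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 (magic 0x10B) is handled here")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    # The security directory is the one directory whose first field is a file
    # offset rather than an RVA: the certificate is never mapped at run time.
    cert_off, cert_size = struct.unpack_from(
        "<II", data, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    cert_type = None
    if cert_size >= 8 and cert_off + cert_size <= len(data):
        _, _, cert_type = struct.unpack_from("<IHH", data, cert_off)  # WIN_CERTIFICATE
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, *_, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode(), vsize, rawsize,
                         flag_names(sflags, SECTION_FLAGS)))
    return {
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        "sections": sections,
        "authenticode_present": cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA,
        # Relocations stripped and DYNAMIC_BASE unset: the loader cannot rebase
        # the image, so it always maps at ImageBase (no ASLR for this module).
        "rebaseable": not chars & 0x0001 and bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
    }


def report_signatures(info):
    """Turn the parsed facts into one-line findings like the report's Signatures."""
    hits = []
    if not info["authenticode_present"]:
        hits.append("Unsigned PE: no Authenticode certificate in the security directory")
    if not info["rebaseable"]:
        hits.append("Fixed image base: relocations stripped and DYNAMIC_BASE unset")
    return hits


def build_pe32(signed):
    """Constructed PE32 (headers only, no section data) mirroring the report's sample,
    optionally with a placeholder WIN_CERTIFICATE appended after the headers."""
    secs = [(b".text", 0x87E00, 0x88000, 0x60000020), (b".rdata", 0x20400, 0x21000, 0x40000040),
            (b".data", 0xAC00, 0x5000, 0xC0000040), (b".rsrc", 0xEC00, 0xF000, 0x40000040)]
    file_align = 0x200
    size_of_headers = -(-(64 + 4 + 20 + 224 + 40 * len(secs)) // file_align) * file_align
    cert_off, cert_blob = 0, b""
    if signed:
        body = b"\x30\x82" + b"\0" * 14  # placeholder bytes, not real PKCS#7 SignedData
        cert_blob = struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        cert_off = size_of_headers
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, 224, 0x0103)
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII", 0x10B, 6, 0, secs[0][2], 0, 0,
                      0x1000, 0x1000, 0x89000, 0x400000, 0x1000, file_align, 4, 0, 0, 0, 4, 0,
                      0, 0xC0000, size_of_headers, 0, 2, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (cert_off, len(cert_blob))
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, v, 0, r, 0, 0, 0, 0, 0, f) for n, v, r, f in secs)
    image = dos + b"PE\0\0" + coff + opt + hdrs
    return image + b"\0" * (size_of_headers - len(image)) + cert_blob


if __name__ == "__main__":
    for signed in (False, True):
        info = parse_pe32(build_pe32(signed))
        print(info["characteristics"], report_signatures(info))
        for name, vsize, rawsize, flags in info["sections"]:
            print(f"  {name:<7} raw={rawsize:#x} virtual={vsize:#x} {flags}")
```

Two caveats a practitioner should keep in mind when reading the "Unsigned PE" line. First, this is a presence check: a binary with a self-signed, expired or revoked certificate, or one whose signed hash no longer matches the file, has a non-empty security directory and would not trip it; actual validation (hash over the Authenticode-covered regions, chain to a trusted root, timestamp) needs a verifier such as `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature`. Second, the IMAGE_FILE_RELOCS_STRIPPED flag shown under Headers is itself security-relevant: with relocations stripped the loader cannot rebase the image, so it always maps at its preferred ImageBase and gets no ASLR, which the example reports as a second finding.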